Contact us:

Feb 2019, Chapter Meeting Recap

Jason Sheffield, Sr. Sales Engineer at Netskope, made several great points about how enterprises can implement cloud security. Some highlights included:

  • Data flows like water!
  • Data exposure from mis-configured settings that does not constitute a breach.
  • Is that cloud application your enterprise is thinking about using really enterprise ready?
  • Think about shadow IT:
    • Who’s buying it?
    • What is the risk exposure?
    • From a compliance perspective, how does shadow IT impact audits and compliance?
Larry Moore, Austin, ISSA Past President, thanks Jason Sheffield for this presentation

He suggested three quick wins for Enterprise IT:

  1. DLP policies for downloading sensitive data from the cloud, make sure you scrub test data, and don’t worry about nonsensitive data.
  2. Assess the security of your IaaS environment continuously.
  3. Consider using the same security policies against all your cloud data.

He told us about a great resource to check out – Adrian Grigorof’s article on Peerlyst, Mapping of On-Premises Security Controls vs Major Cloud Providers Version 3.2 Feb 2019.

Thank you, Jason, for a very informative meeting! If you’re an ISSA member, his slides are available here:

Skip to content